Skip to main content

Mock SAML 2.0 Identity Provider

Project description

Mock IDP

Ever needed to test an SSO setup but don't have access to the IDP for whatever reason?

Mock IDP provides a SAML2.0 IDP using POST bindings without need for a user database or complicated enterprise software setup.


Mock-idp requires python 3.6 and pip


Install and run mock-idp using Pip:

$ pip3 install mock-idp
$ mock-idp

Configuration File

To override the system configuration create a config file. The service loads config files in the following order:

  1. mockidp.yaml in the current working directory
  2. ~/.mockidp.yaml in your home directory
  3. /etc/mockidp.yaml in the global config directory
  4. internal default config file shipped with the service package

Here is a sample (copy of built-in config) file to start with:

  - name: "local:service:author"
    response_url: "http://localhost:3000/saml_login"

    first_name: "Charlie"
    last_name: "Brown"
    email: ""
    password: snoopy
    first_name: "Linus"
    last_name: "van Pelt"
    email: ""
    password: pumpkin
    password: charlie
    first_name: "Lucy"
    last_name: "van Pelt"
    email: ""
    first_name: "Peppermint"
    last_name: "Patty"
    email: ""
    password: peppermint

Service providers

For each service provider (client) that uses the identity provider, an entry in the service providers section of the config is needed. It has two values:

  - name: "local:aem:author"
    response_url: "http://localhost:14502/saml_login"
  • name is the service provider entity id that the service provider sends with each request.
  • response_url is the public url of the service provider. Once login has been completed, the browser will be redirected to this url.


Users is a fairly self explanatory list of user credentials recognized by the IDP:

    first_name: "Charlie"
    last_name: "Brown"
    email: ""
    password: snoopy
      - administrators

Configuring a generic Service Provider

  • Mock-IDP supports the POST binding protocol of SAML2.0.
  • By default mock-idp runs on port 5000 and the binding path is /saml.
  • the response message provides four attributes:
    • uid: The username
    • email: the user email address
    • firstName: The users first name
    • lastName: The users last name
  • The logout path is /saml/logout

Certificate keys

To generate a service provider Certificate, run the following commands:

$ openssl genrsa -out saml.pem 2048
$ openssl req -new -key saml.pem -out saml.csr
$ openssl x509 -req -days 365 -in saml.csr -signkey saml.pem -out saml.crt

This will produce three files:

  • saml.pem - The private key
  • saml.csr - The certificate signing request
  • saml.crt - The final certificate

Refer to your service provider documentation on how to install the certificate.

Running using Docker

Import local config into a docker container

To run the base config just start the service and map port 5000

$ docker run -p 5000:5000 bjornskoglund/mock-idp:0.4.0

Provided you have produced your config file containing service providers and user account information. You can inject into a docker container by the following:

$ docker run -p 5000:5000 -v <absolute path to your config>.yaml:/usr/local/mock-idp/mockidp.yaml bjornskoglund/mock-idp

Copy the cert/cert.pem file into your Service Provider (SP), and be sure that the ISSUER (entity id) provided by the SP matches the name: of the Service Provider in your config.



Install pipenv with pip to handle dependencies

$ pip3 install pipenv

then install environment

$ pipenv install

Run from source:

$ PYTHONPATH=. pipenv run bin/mock-idp

All system config is located in mockidp/resources/default_config.yaml.


Mock-IDP has been tested with the following service providers

  • Adobe Experience Manager (AEM) 6.2
  • Node.js - saml2-js package

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release. See tutorial on generating distribution archives.

Built Distribution

mock_idp-0.5.1-py3-none-any.whl (42.9 kB view hashes)

Uploaded py3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page